Piwigo Bugtracker

Piwigo bug tracker has moved to Github

This bugtracker is kept to provide history on old issues.


View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0002887Piwigouser commentspublic2013.04.10 12:142013.04.11 16:37
Reporterpapa fab 
Assigned Toplg 
PrioritynormalSeveritymajorReproducibilityalways
StatusclosedResolutionfixed 
PlatformWindowsOSWindows 7 USOS VersionUltimate
Product Version2.5.0 
Target Version2.5.1Fixed in Version2.5.1 
Summary0002887: Comments accessible anonymously if comments author is known
DescriptionIn a totally private gallery browsed anonymously, if you make a search with an author name (who already had posted some comments), all his comments and the related pictures are returned.
This should happends only if you are authenticated, but it works anonymously...
Steps To Reproduce* Go to http://www.domain-name.com/comments.php [^]
* Fill an author name (author who's already posted some comments)
* Submit

> All his comments and the related pictures are returned.
TagsNo tags attached.
browserany
Database engine and versionMySQL 5.5.16
PHP version5.2.11
Web serverApache/2.2.15 (Win32) mod_ssl/2.2.15 OpenSSL/0.9.8k
Attached Files

- Relationships

-  Notes
(0006920)
svn (reporter)
2013.04.11 16:26

[Subversion] r22141 by plg on branch 2.5

-----[Subversion commit log]----------------------------------------------------
bug 2887 fixed: avoid private photos to be returned as results on user comment
search with the appropriate author.
(0006921)
svn (reporter)
2013.04.11 16:28

[Subversion] r22142 by plg on trunk

-----[Subversion commit log]----------------------------------------------------
merge r22141 from branch 2.5 to trunk

bug 2887 fixed: avoid private photos to be returned as results on user comment
search with the appropriate author.


- Issue History
Date Modified Username Field Change
2013.04.10 12:14 papa fab New Issue
2013.04.10 12:14 papa fab browser => any
2013.04.10 12:14 papa fab Database engine and version => MySQL 5.5.16
2013.04.10 12:14 papa fab PHP version => 5.2.11
2013.04.10 12:14 papa fab Web server => Apache/2.2.15 (Win32) mod_ssl/2.2.15 OpenSSL/0.9.8k
2013.04.11 16:26 plg Status new => assigned
2013.04.11 16:26 plg Assigned To => plg
2013.04.11 16:26 svn Checkin
2013.04.11 16:26 svn Note Added: 0006920
2013.04.11 16:28 svn Checkin
2013.04.11 16:28 svn Note Added: 0006921
2013.04.11 16:37 plg Status assigned => closed
2013.04.11 16:37 plg Resolution open => fixed
2013.04.11 16:37 plg Category authentication => user comments
2013.04.11 16:37 plg Fixed in Version => 2.5.1
2013.04.11 16:37 plg Target Version => 2.5.1


Copyright © 2000 - 2018 MantisBT Team
Contact
Powered by Mantis Bugtracker